Search in sources :

Example 21 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class APIProviderImpl method updateSharedScope.

/**
 * Update a shared scope.
 *
 * @param sharedScope  Shared Scope
 * @param tenantDomain tenant domain
 * @throws APIManagementException If failed to update
 */
@Override
public void updateSharedScope(Scope sharedScope, String tenantDomain) throws APIManagementException {
    int tenantId = APIUtil.getTenantIdFromTenantDomain(tenantDomain);
    Map<String, KeyManagerDto> tenantKeyManagers = KeyManagerHolder.getTenantKeyManagers(tenantDomain);
    for (Map.Entry<String, KeyManagerDto> keyManagerEntry : tenantKeyManagers.entrySet()) {
        KeyManager keyManager = keyManagerEntry.getValue().getKeyManager();
        if (keyManager != null) {
            try {
                keyManager.updateScope(sharedScope);
            } catch (APIManagementException e) {
                log.error("Error while Updating Shared Scope " + sharedScope.getKey() + " from Key Manager " + keyManagerEntry.getKey(), e);
            }
        }
    }
    updateScope(sharedScope, tenantId);
}
Also used : APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) KeyManagerDto(org.wso2.carbon.apimgt.impl.dto.KeyManagerDto) Map(java.util.Map) TreeMap(java.util.TreeMap) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) KeyManager(org.wso2.carbon.apimgt.api.model.KeyManager)

Example 22 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class APIProviderImpl method addLocalScopes.

/**
 * Add local scopes for the API if the scopes does not exist as shared scopes. The local scopes to add will be
 * take from the URI templates.
 *
 * @param apiName API name
 * @param uriTemplates  URI Templates
 * @param organization  Organization
 * @throws APIManagementException if fails to add local scopes for the API
 */
private void addLocalScopes(String apiName, Set<URITemplate> uriTemplates, String organization) throws APIManagementException {
    int tenantId = APIUtil.getInternalOrganizationId(organization);
    String tenantDomain = APIUtil.getTenantDomainFromTenantId(tenantId);
    Map<String, KeyManagerDto> tenantKeyManagers = KeyManagerHolder.getTenantKeyManagers(tenantDomain);
    // Get the local scopes set to register for the API from URI templates
    Set<Scope> scopesToRegister = getScopesToRegisterFromURITemplates(apiName, organization, uriTemplates);
    // Register scopes
    for (Scope scope : scopesToRegister) {
        for (Map.Entry<String, KeyManagerDto> keyManagerDtoEntry : tenantKeyManagers.entrySet()) {
            KeyManager keyManager = keyManagerDtoEntry.getValue().getKeyManager();
            if (keyManager != null) {
                String scopeKey = scope.getKey();
                try {
                    // version.
                    if (!keyManager.isScopeExists(scopeKey)) {
                        // register scope in KM
                        keyManager.registerScope(scope);
                    } else {
                        if (log.isDebugEnabled()) {
                            log.debug("Scope: " + scopeKey + " already registered in KM. Skipping registering scope.");
                        }
                    }
                } catch (APIManagementException e) {
                    log.error("Error while registering Scope " + scopeKey + "in Key Manager " + keyManagerDtoEntry.getKey(), e);
                }
            }
        }
    }
    addScopes(scopesToRegister, tenantId);
}
Also used : Scope(org.wso2.carbon.apimgt.api.model.Scope) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) KeyManagerDto(org.wso2.carbon.apimgt.impl.dto.KeyManagerDto) Map(java.util.Map) TreeMap(java.util.TreeMap) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) KeyManager(org.wso2.carbon.apimgt.api.model.KeyManager)

Example 23 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class APIAdminImpl method mergeIdpWithKeyManagerConfiguration.

private void mergeIdpWithKeyManagerConfiguration(IdentityProvider identityProvider, KeyManagerConfigurationDTO keyManagerDTO) {
    keyManagerDTO.setDisplayName(identityProvider.getDisplayName());
    keyManagerDTO.setDescription(identityProvider.getIdentityProviderDescription());
    IdentityProviderProperty[] identityProviderProperties = identityProvider.getIdpProperties();
    if (identityProviderProperties.length > 0) {
        for (IdentityProviderProperty identityProviderProperty : identityProviderProperties) {
            if (StringUtils.equals(identityProviderProperty.getName(), APIConstants.JWKS_URI)) {
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProviderProperty.getValue());
            }
            if (StringUtils.equals(identityProviderProperty.getName(), IdentityApplicationConstants.IDP_ISSUER_NAME)) {
                keyManagerDTO.addProperty(APIConstants.KeyManager.ISSUER, identityProviderProperty.getValue());
            }
        }
    } else if (StringUtils.isNotBlank(identityProvider.getCertificate())) {
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProvider.getCertificate());
    }
    keyManagerDTO.setEnabled(identityProvider.isEnable());
    keyManagerDTO.setAlias(identityProvider.getAlias());
    ClaimConfig claimConfig = identityProvider.getClaimConfig();
    JsonArray claimArray = new JsonArray();
    for (ClaimMapping claimMapping : claimConfig.getClaimMappings()) {
        JsonObject claimMappingEntryDTO = new JsonObject();
        claimMappingEntryDTO.addProperty("localClaim", claimMapping.getLocalClaim().getClaimUri());
        claimMappingEntryDTO.addProperty("remoteClaim", claimMapping.getRemoteClaim().getClaimUri());
        claimArray.add(claimMappingEntryDTO);
    }
    keyManagerDTO.addProperty(APIConstants.KeyManager.CLAIM_MAPPING, claimArray);
}
Also used : JsonArray(com.google.gson.JsonArray) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) JsonObject(com.google.gson.JsonObject)

Example 24 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class KeyManagerMappingUtil method toKeyManagerConfigurationDTO.

public static KeyManagerConfigurationDTO toKeyManagerConfigurationDTO(String tenantDomain, KeyManagerDTO keyManagerDTO) {
    KeyManagerConfigurationDTO keyManagerConfigurationDTO = new KeyManagerConfigurationDTO();
    Map<String, String> endpoints = new HashMap<>();
    keyManagerConfigurationDTO.setName(keyManagerDTO.getName());
    keyManagerConfigurationDTO.setDisplayName(keyManagerDTO.getDisplayName());
    keyManagerConfigurationDTO.setDescription(keyManagerDTO.getDescription());
    keyManagerConfigurationDTO.setEnabled(keyManagerDTO.isEnabled());
    keyManagerConfigurationDTO.setType(keyManagerDTO.getType());
    keyManagerConfigurationDTO.setOrganization(tenantDomain);
    keyManagerConfigurationDTO.setTokenType(keyManagerDTO.getTokenType().toString());
    keyManagerConfigurationDTO.setAlias(keyManagerDTO.getAlias());
    Map<String, Object> additionalProperties = new HashMap();
    if (keyManagerDTO.getAdditionalProperties() != null && keyManagerDTO.getAdditionalProperties() instanceof Map) {
        additionalProperties.putAll((Map) keyManagerDTO.getAdditionalProperties());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getClientRegistrationEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.CLIENT_REGISTRATION_ENDPOINT, keyManagerDTO.getClientRegistrationEndpoint());
        endpoints.put(APIConstants.KeyManager.CLIENT_REGISTRATION_ENDPOINT, keyManagerDTO.getClientRegistrationEndpoint());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getIntrospectionEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.INTROSPECTION_ENDPOINT, keyManagerDTO.getIntrospectionEndpoint());
        endpoints.put(APIConstants.KeyManager.INTROSPECTION_ENDPOINT, keyManagerDTO.getIntrospectionEndpoint());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getTokenEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.TOKEN_ENDPOINT, keyManagerDTO.getTokenEndpoint());
        endpoints.put(APIConstants.KeyManager.TOKEN_ENDPOINT, keyManagerDTO.getTokenEndpoint());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getDisplayTokenEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.DISPLAY_TOKEN_ENDPOINT, keyManagerDTO.getDisplayTokenEndpoint());
        endpoints.put(APIConstants.KeyManager.DISPLAY_TOKEN_ENDPOINT, keyManagerDTO.getDisplayTokenEndpoint());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getRevokeEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.REVOKE_ENDPOINT, keyManagerDTO.getRevokeEndpoint());
        endpoints.put(APIConstants.KeyManager.REVOKE_ENDPOINT, keyManagerDTO.getRevokeEndpoint());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getDisplayRevokeEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.DISPLAY_REVOKE_ENDPOINT, keyManagerDTO.getDisplayRevokeEndpoint());
        endpoints.put(APIConstants.KeyManager.DISPLAY_REVOKE_ENDPOINT, keyManagerDTO.getDisplayRevokeEndpoint());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getScopeManagementEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.SCOPE_MANAGEMENT_ENDPOINT, keyManagerDTO.getScopeManagementEndpoint());
        endpoints.put(APIConstants.KeyManager.SCOPE_MANAGEMENT_ENDPOINT, keyManagerDTO.getScopeManagementEndpoint());
    }
    if (keyManagerDTO.getAvailableGrantTypes() != null) {
        additionalProperties.put(APIConstants.KeyManager.AVAILABLE_GRANT_TYPE, keyManagerDTO.getAvailableGrantTypes());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getIssuer())) {
        additionalProperties.put(APIConstants.KeyManager.ISSUER, keyManagerDTO.getIssuer());
    }
    if (keyManagerDTO.getCertificates() != null) {
        additionalProperties.put(APIConstants.KeyManager.CERTIFICATE_VALUE, keyManagerDTO.getCertificates().getValue());
        if (KeyManagerCertificatesDTO.TypeEnum.JWKS.equals(keyManagerDTO.getCertificates().getType())) {
            additionalProperties.put(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
        } else if (KeyManagerCertificatesDTO.TypeEnum.PEM.equals(keyManagerDTO.getCertificates().getType())) {
            additionalProperties.put(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
        }
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getUserInfoEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.USERINFO_ENDPOINT, keyManagerDTO.getUserInfoEndpoint());
        endpoints.put(APIConstants.KeyManager.USERINFO_ENDPOINT, keyManagerDTO.getUserInfoEndpoint());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getAuthorizeEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.AUTHORIZE_ENDPOINT, keyManagerDTO.getAuthorizeEndpoint());
        endpoints.put(APIConstants.KeyManager.AUTHORIZE_ENDPOINT, keyManagerDTO.getAuthorizeEndpoint());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getWellKnownEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.WELL_KNOWN_ENDPOINT, keyManagerDTO.getWellKnownEndpoint());
    }
    if (keyManagerDTO.getEndpoints() != null) {
        for (KeyManagerEndpointDTO endpoint : keyManagerDTO.getEndpoints()) {
            endpoints.put(endpoint.getName(), endpoint.getValue());
        }
    }
    keyManagerConfigurationDTO.setEndpoints(endpoints);
    additionalProperties.put(APIConstants.KeyManager.ENABLE_OAUTH_APP_CREATION, keyManagerDTO.isEnableOAuthAppCreation());
    additionalProperties.put(APIConstants.KeyManager.ENABLE_MAP_OAUTH_CONSUMER_APPS, keyManagerDTO.isEnableMapOAuthConsumerApps());
    additionalProperties.put(APIConstants.KeyManager.ENABLE_TOKEN_GENERATION, keyManagerDTO.isEnableTokenGeneration());
    additionalProperties.put(APIConstants.KeyManager.ENABLE_TOKEN_HASH, keyManagerDTO.isEnableTokenHashing());
    additionalProperties.put(APIConstants.KeyManager.ENABLE_TOKEN_ENCRYPTION, keyManagerDTO.isEnableTokenEncryption());
    additionalProperties.put(APIConstants.KeyManager.SELF_VALIDATE_JWT, keyManagerDTO.isEnableSelfValidationJWT());
    List<TokenValidationDTO> tokenValidationDTOList = keyManagerDTO.getTokenValidation();
    if (tokenValidationDTOList != null && !tokenValidationDTOList.isEmpty()) {
        additionalProperties.put(APIConstants.KeyManager.TOKEN_FORMAT_STRING, new Gson().toJson(tokenValidationDTOList));
    }
    List<ClaimMappingEntryDTO> claimMapping = keyManagerDTO.getClaimMapping();
    if (claimMapping != null) {
        additionalProperties.put(APIConstants.KeyManager.CLAIM_MAPPING, new Gson().toJsonTree(claimMapping));
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getConsumerKeyClaim())) {
        additionalProperties.put(APIConstants.KeyManager.CONSUMER_KEY_CLAIM, keyManagerDTO.getConsumerKeyClaim());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getScopesClaim())) {
        additionalProperties.put(APIConstants.KeyManager.SCOPES_CLAIM, keyManagerDTO.getScopesClaim());
    }
    keyManagerConfigurationDTO.setAdditionalProperties(additionalProperties);
    return keyManagerConfigurationDTO;
}
Also used : KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO) KeyManagerEndpointDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerEndpointDTO) HashMap(java.util.HashMap) TokenValidationDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.TokenValidationDTO) Gson(com.google.gson.Gson) ClaimMappingEntryDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.ClaimMappingEntryDTO) JsonObject(com.google.gson.JsonObject) HashMap(java.util.HashMap) Map(java.util.Map)

Example 25 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class KeyManagersApiServiceImpl method keyManagersPost.

public Response keyManagersPost(KeyManagerDTO body, MessageContext messageContext) throws APIManagementException {
    String organization = RestApiUtil.getOrganization(messageContext);
    APIAdmin apiAdmin = new APIAdminImpl();
    try {
        KeyManagerConfigurationDTO keyManagerConfigurationDTO = KeyManagerMappingUtil.toKeyManagerConfigurationDTO(organization, body);
        KeyManagerConfigurationDTO createdKeyManagerConfiguration = apiAdmin.addKeyManagerConfiguration(keyManagerConfigurationDTO);
        APIUtil.logAuditMessage(APIConstants.AuditLogConstants.KEY_MANAGER, new Gson().toJson(keyManagerConfigurationDTO), APIConstants.AuditLogConstants.CREATED, RestApiCommonUtil.getLoggedInUsername());
        URI location = new URI(RestApiConstants.KEY_MANAGERS + "/" + createdKeyManagerConfiguration.getUuid());
        return Response.created(location).entity(KeyManagerMappingUtil.toKeyManagerDTO(createdKeyManagerConfiguration)).build();
    } catch (URISyntaxException e) {
        String error = "Error while Creating Key Manager configuration in organization " + organization;
        throw new APIManagementException(error, e, ExceptionCodes.INTERNAL_ERROR);
    }
}
Also used : KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) APIAdmin(org.wso2.carbon.apimgt.api.APIAdmin) Gson(com.google.gson.Gson) APIAdminImpl(org.wso2.carbon.apimgt.impl.APIAdminImpl) URISyntaxException(java.net.URISyntaxException) URI(java.net.URI)

Aggregations

KeyManagerDto (org.wso2.carbon.apimgt.impl.dto.KeyManagerDto)16 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)15 HashMap (java.util.HashMap)13 Map (java.util.Map)13 KeyManager (org.wso2.carbon.apimgt.api.model.KeyManager)13 TreeMap (java.util.TreeMap)10 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)9 KeyManagerConfigurationDTO (org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO)5 Gson (com.google.gson.Gson)4 APIAdmin (org.wso2.carbon.apimgt.api.APIAdmin)4 APIAdminImpl (org.wso2.carbon.apimgt.impl.APIAdminImpl)4 JsonObject (com.google.gson.JsonObject)3 ArrayList (java.util.ArrayList)3 APIIdentifier (org.wso2.carbon.apimgt.api.model.APIIdentifier)3 Scope (org.wso2.carbon.apimgt.api.model.Scope)3 URITemplate (org.wso2.carbon.apimgt.api.model.URITemplate)3 KeyManagerDTO (org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO)3 JsonArray (com.google.gson.JsonArray)2 HashSet (java.util.HashSet)2 List (java.util.List)2